CN106454815A - Routing method for wireless sensor network based on LEACH protocol - Google Patents
Abstract
The invention discloses a routing method for a wireless sensor network based on the LEACH protocol. The method comprises the following steps: carrying out initial deployment of all nodes in the whole network; entering an authentication broadcast stage; entering a clustering stage; and entering a data transfer stage. In the authentication broadcast stage, a base station broadcasts and updates security control information, and the nodes update their stored information after obtaining the broadcast information. In the clustering stage, cluster head nodes are elected and each common node selects an optimal cluster head node and joins its cluster; each cluster head node also selects a monitoring cluster head node, and the monitoring cluster head node joins the cluster. In the data transfer stage, all common nodes transmit data to the cluster heads of the clusters where they are located; meanwhile, each monitoring cluster head node transmits a test data packet to its monitored cluster head node and transmits a tracking data packet to the base station; after a cluster head node receives the data, it transmits the data, together with the random number received in the base station broadcast stage, to the base station; and the base station detects whether the network is under attack, such as tampering and packet loss, by checking the data sent by all cluster heads. The method improves security while reducing system energy consumption, so that the network can effectively resist attacks.
Description
Technical field
The present invention relates to the technical field of wireless sensor networks (Wireless Sensor Networks, WSN), and in particular to a wireless sensor network routing method based on the LEACH (Low Energy Adaptive Clustering Hierarchy) protocol.
Background
A WSN is a self-organizing network system made up of a large number of sensor nodes with wireless communication capability. These inexpensive micro sensor nodes, capable of wireless multi-hop transmission, are deployed in large numbers in a monitored area, where they cooperatively sense and collect data and transmit it to a base station or sink node. Routing protocols, MAC protocols and data fusion algorithms are the main research directions for WSNs. Among these, the routing protocol is one of the key technologies of a WSN: it determines the transmission and forwarding paths of data. Many routing protocols exist today, but they were usually designed without considering security, and some have serious security risks and vulnerabilities in practical applications. In the development of information technology, security research is an unavoidable step; whether for the Internet, industrial computers or WSNs, security is a vital technical requirement.
LEACH is the first hierarchical routing protocol. It selects cluster heads randomly in a rotating manner and distributes the energy load of the whole network evenly across the sensor nodes, with the aim of reducing network energy consumption and extending overall network lifetime. Its design mainly considered problems such as energy optimization and distributed information processing, and did not address security. Besides the security risks common to WSNs, such as data confidentiality, integrity and access control, LEACH also has security vulnerabilities of its own. For example, in the clustering stage an ordinary node joins the cluster of the cluster head whose broadcast signal is strongest, treating it as the optimal cluster head. A laptop-class attacker can therefore use its powerful transceiver to broadcast false HELLO packets to the whole network during the clustering stage, attracting all or some of the nodes in the network to join its cluster. Having attracted the routes, the attacker can go on to launch selective forwarding, tampering, replay, packet dropping, exhaustion and other attacks, for example a selective forwarding attack that suppresses the data sent by the nodes in a given area.
Summary of the invention
The purpose of the present invention is to overcome the shortcomings and deficiencies of the prior art and to provide a wireless sensor network routing method based on the LEACH protocol. The method improves system security while keeping the increase in energy consumption caused by the security mechanisms as small as possible. It also uses a low-power design strategy to extend the lifetime of the network.
The purpose of the present invention is achieved through the following technical solution: a wireless sensor network routing method based on the LEACH protocol, with the following steps:
S1. All nodes in the whole network carry out initial deployment;
S2. Enter the authentication broadcast stage: the base station broadcasts data including security control information to the whole network and periodically updates the security control information, which includes a random number. After obtaining the security control information broadcast by the base station, each node verifies its correctness and, once verification is complete, updates its currently stored security control information. When the authentication broadcast stage ends, proceed to step S3;
S3. Enter the clustering stage: all nodes run the cluster head election algorithm. After the cluster head election is complete, the elected cluster head nodes broadcast messages to the whole network; each ordinary node, after receiving the broadcast messages of several cluster head nodes, selects the optimal cluster head node and joins its cluster. Meanwhile, each cluster head node chooses, from the cluster head broadcast messages it receives, an optimal cluster head node as its monitoring cluster head node and sends the monitoring cluster head node a join-request message, so that the monitoring cluster head node joins the cluster of the cluster head node to be monitored;
S4. Enter the stable data transfer stage: every ordinary node transmits data after obtaining its time slot in the cluster it belongs to, sending the data to the cluster head of that cluster. Meanwhile, after a monitoring cluster head node obtains its time slot in the cluster of its monitored cluster head node, it transmits a test data packet to the monitored cluster head node and a tracking data packet to the base station. The cluster head node verifies the data received within its cluster and checks its integrity; after collecting all valid data, it packs the data together with the random number received in the authentication broadcast stage and sends them to the base station. The base station compares the random number it broadcast with the random number sent by the cluster head node to verify whether they are consistent; if they are, the link authentication between the cluster head node and the base station passes.
Preferably, in step S1 the initial deployment includes generation of the base station key chain, distribution of node identifiers to all nodes in the network, and storage of the symmetric-key security algorithm.
Preferably, the security control information that the base station broadcasts to the whole network in step S2 includes a network master key and a node blacklist. The network master key that the base station broadcasts is taken from the network master key chain stored at the base station, and this chain is a hash chain. The base station periodically updates the network master key and the node blacklist in each round; if the node blacklist has not changed, it is not broadcast in the next round.
In step S4, a node that sends incomplete data packets to the cluster head node is defined as a suspected malicious node. When the proportion of incomplete data packets that a node sends to the cluster head node exceeds f%, the node is placed on the blacklist, the cluster head node sends the node blacklist information to the base station, and the base station updates the node blacklist information.
Further, the network master key chain stored at the base station is:
$K_1, K_2, \ldots, K_{m-1}, K_m$;
where m is the number of network master keys in the network master key chain. The chain satisfies the following relations:
$K_1 = \mathrm{HASH}(K_2)$
$K_2 = \mathrm{HASH}(K_3)$
......
$K_{m-1} = \mathrm{HASH}(K_m)$
When the base station broadcasts security control information to the whole network, it broadcasts network master key $K_1$ in the first round, network master key $K_2$ in the second round, and so on, broadcasting network master key $K_m$ in round m;
The data that the base station broadcasts to the whole network in this step must be encrypted. In the present embodiment, the data $msg_i$ that the base station broadcasts to the whole network in each round is:
where badList is the node blacklist and $K_i$ is the network master key that the base station broadcasts to the whole network in round i; the data also includes the random number that the base station generates in round i;
The data that the base station broadcasts to the whole network is broadcast after encryption; the data actually broadcast is:
The ciphertext is obtained by encrypting the plaintext $msg_i$ to be sent by the base station with the RC5 encryption algorithm in CBC mode. It is accompanied by an MD5-based message authentication code of the ciphertext; specifically, this message authentication code is numerically equal to the MD5 value computed over the ciphertext concatenated with the network master key. The remaining notation denotes that the base station broadcasts to the whole network.
In step S2, after obtaining the network master key broadcast by the base station, every node uses its pre-stored hash function to verify the correctness of the network master key and confirm that the received key is valid. A node considers the network master key it obtained to be correct if it satisfies the following equation:
$K_{i-1} = \mathrm{HASH}(K_i)$;
where $K_i$ is the network master key that the node obtains from the broadcast in round i, the current round, and $K_{i-1}$ is the network master key that the node obtained from the broadcast in round i-1, the previous round.
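The hash-chain check above, as an added example (not code from the patent): the base station builds K_1..K_m so that K_{i-1} = HASH(K_i), and a node verifies each broadcast key against the last key it accepted. SHA-256 as HASH, the preloaded anchor K_0 = HASH(K_1) and the `max_missed` catch-up window are assumptions of this example; the catch-up goes beyond the single-step check the text states.

```python
import hashlib
import hmac
from typing import List, Tuple


def HASH(data: bytes) -> bytes:
    # The page names only "HASH"; SHA-256 is an assumption of this example.
    return hashlib.sha256(data).digest()


def build_key_chain(seed: bytes, m: int) -> Tuple[bytes, List[bytes]]:
    """Base station side: return (anchor, [K_1, ..., K_m]).

    The chain is generated backwards from K_m so that K_{i-1} = HASH(K_i).
    The anchor K_0 = HASH(K_1) is what this example assumes every node is
    preloaded with during initial deployment (step S1).
    """
    if m < 1:
        raise ValueError("chain needs at least one key")
    chain = [HASH(b"chain-seed" + seed)]      # K_m, derived from the secret seed
    for _ in range(m):                        # K_{m-1}, ..., K_1, K_0
        chain.append(HASH(chain[-1]))
    chain.reverse()                           # [K_0, K_1, ..., K_m]
    return chain[0], chain[1:]


class NodeKeyState:
    """Node side: keeps the last accepted network master key and round."""

    def __init__(self, anchor: bytes, max_missed: int = 3):
        self.last_key = anchor                # K_0 before the first broadcast
        self.round = 0
        self.max_missed = max_missed          # broadcasts a node may miss

    def accept(self, candidate: bytes) -> int:
        """Verify a broadcast key; return rounds advanced (0 = rejected).

        One hash step is the check K_{i-1} = HASH(K_i) from the text. Extra
        steps let a node that missed up to max_missed broadcasts resync.
        Replayed (older or current) keys never hash forward to last_key,
        so they are rejected.
        """
        digest = candidate
        for steps in range(1, self.max_missed + 2):
            digest = HASH(digest)
            if hmac.compare_digest(digest, self.last_key):
                self.last_key = candidate
                self.round += steps
                return steps
        return 0


def simulate() -> List[int]:
    """Constructed scenario: rounds 1, 2, (3 lost), 4, a replay, a forgery, 5."""
    anchor, keys = build_key_chain(b"\x01" * 16, 5)   # constructed seed
    node = NodeKeyState(anchor)
    broadcasts = [keys[0], keys[1], keys[3], keys[1], b"\x00" * 32, keys[4]]
    return [node.accept(k) for k in broadcasts]


if __name__ == "__main__":
    print(simulate())
```

The bounded catch-up window keeps a node that missed a broadcast in sync while capping the hashing work a forged key can force on it.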
Preferably, the security control information stored by a node in step S2 includes a node key and a blacklist. After verifying the correctness of the network master key, the node updates its node key from the received network master key according to the following formula:
The terms are: the node key of node j before the round-i update, that is, the node key stored in round i-1; the node key that node j obtains after the round-i update; $K_i$, the network master key broadcast by the base station in round i, that is, the network master key the node obtains in round i; and $id_j$, the identity identifier of node j. The set J is the set of all nodes in the network;
In step S3, after node x is elected cluster head node, it generates the cluster key of the cluster it currently heads from the network master key it received and the node's identity identifier:
The terms are: the cluster key generated by cluster head node x in round i; $K_i$, the network master key broadcast by the base station in round i; and $id_x$, the identity identifier of cluster head node x. X is the set of cluster head nodes in the network, where X ∈ J;
In this step, the information that cluster head node x broadcasts to the whole network in round i includes the cluster head information $ADV\_CH_x$ and a random number. The information that cluster head node x broadcasts to the whole network in round i is:
This information is broadcast only after encryption, specifically:
The terms are: the base station counter value shared by all nodes in the network, produced by the base station counter in round i; the ciphertext obtained by encrypting the plaintext information with the RC5 encryption algorithm in CBC mode; and an MD5-based message authentication code of the ciphertext, which specifically is numerically equal to the MD5 value computed over the ciphertext concatenated with the node key. The remaining notation denotes that cluster head node x broadcasts to the whole network in round i;
When joining a cluster, an ordinary node sends the random number it received in the cluster head broadcast phase; the cluster head node verifies whether the random number it broadcast is consistent with the random number sent by the ordinary node, and if so, the link authentication is complete;
In step S3, when a monitoring cluster head node joins the cluster of its monitored cluster head node, it sends the random number it received in the cluster head broadcast phase; the monitored cluster head node verifies whether the random number it broadcast is consistent with the random number sent by the monitoring cluster head node, and if so, the link authentication is complete;
In step S3, after the cluster head election of the clustering stage, each elected cluster head node generates a cluster key.
Further, in step S4 ordinary node y, after obtaining its time slot in the cluster it belongs to, encrypts its data with the RC5 encryption algorithm in CBC mode before transmitting it. The detailed process is as follows:
The data is first encrypted with the node key, with a message authentication code attached, giving the data packet
where $msg_y$ is the data that ordinary node y is to transmit, that is, the plaintext. The other terms are: the node counter value of ordinary node y in round i, which is the sum of the base station counter value, used as the base, and the node counter remainder, and which serves as the initial vector of the block cipher, where the remainder is the node's data packet count in the current round; the random number that ordinary node y generates in round i; i, the current round number; and the node key of ordinary node y in round i. Y is the set of ordinary nodes in the network, where Y ∈ J and X ∪ Y = J;
The ciphertext is obtained by encrypting the plaintext formed from $msg_y$ and the random number with the RC5 encryption algorithm in CBC mode;
The message authentication code is an MD5-based message authentication code of the ciphertext; specifically, it is numerically equal to the MD5 value computed over the ciphertext concatenated with the node key, and this MD5 value is then concatenated with the remainder of the node counter value;
The data packet is then encrypted again, giving the data packet
The terms are: the cluster key generated by cluster head node x of the cluster that ordinary node y joined; and the counter value shared by all nodes in the network, produced by the base station counter in round i;
The message authentication code here is an MD5-based message authentication code of the ciphertext; specifically, it is numerically equal to the MD5 value computed over the ciphertext concatenated with the node key.
Finally, the re-encrypted data packet and the node counter remainder are sent to the cluster head node of the cluster where the ordinary node is located, and the cluster head node then forwards them to the base station;
Further, in step S4, after monitoring cluster head node z obtains its time slot in the cluster of its monitored cluster head node z′, it transmits a test data packet to the monitored cluster head node. Before transmission, the test data packet is encrypted with the RC5 encryption algorithm in CBC mode. The detailed process is as follows:
The data is first encrypted with the cluster head node key, with a message authentication code attached, giving the data packet
The terms are: the test data packet to be sent by monitoring cluster head node z in round i; the random number generated by monitoring cluster head node z in round i; the node counter value of monitoring cluster head node z in round i; and the node key of monitoring cluster head node z in round i;
The ciphertext is obtained by encrypting the plaintext formed from the test data packet and the random number with the RC5 encryption algorithm in CBC mode;
The message authentication code is an MD5-based message authentication code of the ciphertext; specifically, it is numerically equal to the MD5 value computed over the ciphertext concatenated with the node key, and this MD5 value is then concatenated with the remainder of the cluster head node counter value;
The data packet is then encrypted again, giving:
where the key is the cluster key generated by monitored cluster head node z′;
Finally, the monitoring cluster head node transmits the re-encrypted data packet to the monitored cluster head node:
In step S4, the tracking data packet that the monitoring cluster head node transmits to the base station is encrypted before transmission with the RC5 encryption algorithm in CBC mode. The detailed process is as follows: the data is encrypted with its cluster head node key, with a message authentication code attached, giving the data packet
The terms are: the tracking data packet; the random number generated by monitoring cluster head node z in round i; the node counter value of monitoring cluster head node z in round i; and the node key of monitoring cluster head node z in round i;
The ciphertext is obtained by encrypting the plaintext formed from the tracking data packet and the random number with the RC5 encryption algorithm in CBC mode;
The message authentication code is an MD5-based message authentication code of the ciphertext; specifically, it is numerically equal to the MD5 value computed over the ciphertext concatenated with the node key, and this MD5 value is then concatenated with the remainder of the node counter value.
Further, in step S4 the cluster head node verifies each data packet it receives from a node in its cluster and then decrypts the packet, obtaining the decrypted data packet:
The terms are: the data packet that node j sends to the cluster head node in round i; the counter value shared by all nodes in the network, produced by the base station counter in round i; $K_{ch-j}$, the cluster key generated by cluster head node x for its cluster in round i; and the data packet after decryption by cluster head node x in round i;
The cluster head node then packs together the plaintext of the data packets received in round i, the identity identifier $id_x$ of cluster head node x, the random number generated by cluster head node x in round i, and the random number generated by the base station in round i, and compresses the result to obtain a data packet
This data packet is then encrypted with the RC5 encryption algorithm in CBC mode, giving:
where the term is the node counter value of cluster head node x in round i;
Finally, the encrypted data is sent to the base station.
Preferably, in step S3 the threshold function of the cluster head election algorithm run by each node is:
where p is the proportion of cluster head nodes, r is the current round number, and G is the set of nodes that, as of the current round, have not yet been elected cluster head; $E_{cur}(n)$ is the current residual energy of node n, $E_{ave}$ is the average residual energy of all surviving nodes in the current round, $dis_{toBS}(n)$ is the distance between node n and the base station, $dis_{ave2bs}$ is the average distance between all nodes and the base station, and $\lambda_1$, $\lambda_2$ are weight coefficients with $\lambda_1 + \lambda_2 = 1$.
Preferably, in step S3 each ordinary node selects the optimal cluster head node to join according to the cluster head priority between itself and each cluster head node, where the cluster head priority between an ordinary node and a cluster head node is computed as follows:
where $P_{ch}(y, x)$ is the broadcast signal strength of cluster head node x received by ordinary node y;
$p_{ch\_ave}(y)$ is the average cluster head broadcast signal strength received by ordinary node y;
$dis_{ch2bs}(x)$ is the distance between cluster head node x and the base station;
$dis_{ave2bs}$ is the average distance between all nodes and the base station;
$E_{ch}(x)$ is the residual energy of cluster head node x;
$E_{ave}$ is the average cluster head residual energy;
In addition, $\eta_1$, $\eta_2$, $\eta_3$ are weight parameters satisfying $\eta_1 + \eta_2 + \eta_3 = 1$;
Y is the set of ordinary nodes in the network, and X is the set of cluster head nodes in the network;
The cluster head priority between the ordinary node and each cluster head node is computed with the above formula; the cluster head node with the highest cluster head priority is then selected as the optimal cluster head node, and a join request is sent to the optimal cluster head node:
The terms are: the request message sent by ordinary node y in round i, comprising the round-i join-request information and the random number generated in round i; $K_i$, the network master key broadcast by the base station in round i; and the counter value shared by all nodes in the network, produced by the base station counter in round i;
The ciphertext is obtained by encrypting the plaintext information with the RC5 encryption algorithm in CBC mode;
The message authentication code is an MD5-based message authentication code of the ciphertext; $SN_y \to CH_m$ denotes that ordinary node y sends a join request to optimal cluster head node m;
In step S3, each cluster head node chooses an optimal cluster head node as its monitoring cluster head node according to the cluster head priority between itself and the other cluster head nodes, where the cluster head priority between a cluster head node and another cluster head node is computed as follows:
where $P_{ch}(x, n'')$ is the broadcast signal strength of another cluster head node n″ received by cluster head node x;
$p_{ch\_ave}(x)$ is the average broadcast signal strength of the other cluster head nodes received by cluster head node x;
$dis_{ch2bs}(n'')$ is the distance between the other cluster head node n″ and the base station;
$dis_{ave2bs}$ is the average distance between all nodes and the base station;
$E_{ch}(n'')$ is the residual energy of the other cluster head node n″;
$E_{ave}'$ is the average cluster head residual energy of all the other cluster head nodes;
In addition, $\alpha_1$, $\alpha_2$, $\alpha_3$ are weight parameters satisfying $\alpha_1 + \alpha_2 + \alpha_3 = 1$;
The cluster head priority between each cluster head node and the other cluster head nodes is computed with the above formula, and the other cluster head node with the highest cluster head priority is then selected as the monitoring cluster head node.
Compared with the prior art, the present invention has the following advantages and effects:
(1) The wireless sensor network routing method of the present invention is built on the LEACH protocol. In the method, the base station periodically updates the security control information, which ensures the robustness of the key mechanism. In addition, in the clustering stage nodes select the optimal cluster head node to join, and after the cluster head election an optimal cluster head node is chosen for each cluster head node as its monitoring cluster head node. The monitoring cluster head node, which has a dual identity, sends test data to the monitored cluster head node, which forwards it to the base station; at the same time the monitoring cluster head node sends a tracking data packet to the base station. The tracking data packet tracks the test data packet: after receiving the test data packets and tracking data packets, the base station checks their correspondence to detect whether attacks such as packet loss are present in the network. This enables the wireless sensor network to resist a variety of attacks effectively, so the method improves the security of the wireless sensor network while reducing the power consumption of the system. The security control information broadcast by the base station includes a random number; when a cluster head node sends data to the base station it carries the random number received in the authentication broadcast stage, and the base station compares the random number it broadcast with the one sent by the cluster head node to verify whether they are consistent, thereby authenticating the link between the cluster head node and the base station and further improving the security of data transmission.
(2) In the cluster head election of the clustering stage, the method uses the node's residual energy and the distance between the node and the base station as election criteria, so that nodes with more residual energy that are closer to the base station have a higher probability of being elected cluster head. When choosing the optimal cluster head node, it also considers the cluster head node's residual energy, the distance between the cluster head node and the base station, and the distance between the cluster head node and the ordinary node, which effectively reduces the power consumption of the system and selects the most suitable cluster head nodes and the optimal cluster head node.
(3) In the method, the network master key chain stored at the base station is a hash chain. When broadcasting the network master key chain, the base station takes the backward security of the keys into account: the key of the following round cannot be inferred from the key of the previous round, so a node in the network cannot derive the next round's key from the current round key it holds, which further improves the security of the system.
(4) In the method, the cluster head information broadcast by a cluster head node includes a random number. When an ordinary node joins the cluster, it sends the random number it received in the cluster head broadcast phase to the cluster head node, and the cluster head node compares the random number it broadcast with the one sent by the ordinary node to verify whether they are consistent, thereby authenticating the link between the ordinary node and the cluster head node. Likewise, when a monitoring cluster head node joins the cluster of its monitored cluster head node, it returns the random number it received in the cluster head broadcast phase, and the monitored cluster head node compares the random number it broadcast with the one sent by the monitoring cluster head node to verify whether they are consistent, thereby authenticating the link between the monitoring cluster head node and the monitored cluster head node. This further improves the security of data transmission in the method.
(5) In the method, the data packets that ordinary nodes transmit to cluster head nodes, that monitoring cluster head nodes transmit to monitored cluster head nodes, and that cluster head nodes transmit to the base station are all encrypted and carry a message authentication code. When generating the ciphertext, each node appends a random number that the node generates, so that the ciphertext can resist known-ciphertext attacks.
(6) The method uses a symmetric key mechanism based on pre-distribution to build a complete key management system for the LEACH protocol; by periodically updating the network master key, the node blacklist and the node keys, it safeguards the security of the whole key system. In addition, mechanisms such as message authentication and link authentication are layered on top of the key management mechanism; the application of these lightweight security mechanisms builds a more robust and reliable security defence system for the LEACH protocol.
Brief description of the drawings
Fig. 1 is a flow chart of the method.
Fig. 2 shows the remaining network energy under the method.
Fig. 3 shows the survival state of the nodes under the method.
Fig. 4 shows the number of TEST packets and TRACE packets of one monitoring cluster head node received by the base station.
Detailed description
The invention is described in further detail below with reference to an embodiment and the accompanying drawings, but embodiments of the invention are not limited to it.
Embodiment
As shown in Fig. 1, the wireless sensor network routing method based on the LEACH protocol in this embodiment has the following steps:
S1. All nodes in the network are initialised and deployed. Initial deployment includes generating the base station key chain, distributing the node identifiers across the network, and storing the symmetric-key security algorithm.
S2. Authentication broadcast phase: the base station broadcasts data containing security control information to the whole network and periodically updates that security control information, which includes a random number. After receiving the security control information broadcast by the base station, a node verifies its correctness and, once it is verified, updates the security control information it currently stores. When the authentication broadcast phase ends, the method proceeds to step S3. In this embodiment, the security control information that the base station broadcasts to the whole network includes the network master key and the node blacklist; the network master key that the base station broadcasts is taken from the network master key chain stored at the base station. The periodic update in this step means that the security control information is updated in every broadcast round.
S3. Cluster formation phase: all nodes run the cluster head election algorithm. After the election, each elected cluster head node broadcasts a message to the whole network; every ordinary node, having received the broadcasts of several cluster head nodes, selects the optimal cluster head node and joins its cluster. At the same time, each cluster head node uses the cluster head broadcasts it has received to choose an optimal cluster head node as its monitoring cluster head node, and sends it a join-request message so that the monitoring cluster head node joins the cluster of the cluster head node it is to monitor. In addition, the cluster head node creates a TDMA schedule, generates a cluster key, and distributes the TDMA schedule and the cluster key within its cluster.
S4. Stable data transmission phase: every ordinary node transmits data after obtaining its TDMA time slot in its cluster, sending the data to the cluster head of that cluster. At the same time, once a monitoring cluster head node has obtained a time slot in the cluster of its monitored cluster head node, it transmits test packets to the monitored cluster head node and transmits tracking packets to the base station. A cluster head node verifies the data it receives from within its cluster and checks its integrity; after collecting all valid data, it packs the data together with the random number it received in the authentication broadcast phase and sends the result to the base station. The base station compares the random number it broadcast with the random number sent by the cluster head node to check that they match; if they match, the link between the cluster head node and the base station is authenticated.
In the method of this embodiment, the base station periodically updates the security control information, which keeps the key mechanism robust. After the cluster heads are elected in the cluster formation phase, an optimal cluster head node is chosen for each cluster head node as its monitoring cluster head node. The monitoring cluster head node, which has a dual identity, sends test packets to the monitored cluster head node, which forwards them to the base station; at the same time the monitoring cluster head node sends tracking packets to the base station, a tracking packet being a record that tracks a test packet. After receiving the test packets and the tracking packets, the base station checks the correspondence between them to detect whether attacks such as packet dropping are taking place in the network. This lets the wireless sensor network resist several kinds of attack effectively and improves its security. The security control information broadcast by the base station includes a random number; when a cluster head node sends data to the base station it includes the random number it received in the authentication broadcast phase, and the base station compares the random number it broadcast with the one sent by the cluster head node to check that they match. This authenticates the link between the cluster head node and the base station and further improves the security of data transmission.
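The TEST/TRACE correspondence check described above, sketched as base-station-side logic. This is an added example, not code from the patent: the packet fields (sequence number, payload digest), the use of SHA-256 for the digest, and the thresholds `loss_threshold` and `min_traces` are assumptions, and the packets are constructed sample data.

```python
import hashlib
from collections import defaultdict
from dataclasses import dataclass


def digest(payload: bytes) -> str:
    # Assumption: a TRACE packet carries a digest of the TEST payload it tracks.
    return hashlib.sha256(payload).hexdigest()


@dataclass(frozen=True)
class TraceRecord:
    """TRACE packet sent by the monitoring cluster head directly to the base station."""
    monitor: str     # monitoring cluster head
    monitored: str   # cluster head expected to relay the TEST packet
    seq: int         # hypothetical sequence number linking TRACE and TEST
    digest: str


@dataclass(frozen=True)
class RelayedTest:
    """TEST packet as it reaches the base station via the monitored cluster head."""
    monitor: str
    relayed_by: str
    seq: int
    payload: bytes


def correlate(traces, tests, loss_threshold=0.2, min_traces=5):
    """Match each TRACE to its TEST and score every monitored cluster head."""
    # Duplicate TEST packets (e.g. replays) collapse onto the first copy seen.
    delivered = {}
    for t in tests:
        delivered.setdefault((t.monitor, t.relayed_by, t.seq), t.payload)

    stats = defaultdict(lambda: {"traced": 0, "delivered": 0, "dropped": 0, "tampered": 0})
    seen = set()
    for tr in traces:
        key = (tr.monitor, tr.monitored, tr.seq)
        if key in seen:          # count each tracked TEST packet once
            continue
        seen.add(key)
        s = stats[tr.monitored]
        s["traced"] += 1
        payload = delivered.get(key)
        if payload is None:
            s["dropped"] += 1    # TRACE arrived, relayed TEST never did
        elif digest(payload) != tr.digest:
            s["tampered"] += 1   # TEST arrived but was modified in transit
        else:
            s["delivered"] += 1

    report = {}
    for ch, s in stats.items():
        bad_ratio = (s["dropped"] + s["tampered"]) / s["traced"]
        # A TEST with no TRACE is ignored: it is no evidence against the relay.
        suspect = s["traced"] >= min_traces and bad_ratio > loss_threshold
        report[ch] = dict(s, bad_ratio=bad_ratio, suspect=suspect)
    return report


def constructed_round():
    """Constructed data: CH-B monitors CH-A, CH-D monitors CH-C."""
    traces, tests = [], []
    for seq in range(10):
        body = b"test-%d" % seq
        traces.append(TraceRecord("CH-B", "CH-A", seq, digest(body)))
        if seq < 6:              # CH-A relays only 6 of 10 TEST packets
            tests.append(RelayedTest("CH-B", "CH-A", seq, body))
        traces.append(TraceRecord("CH-D", "CH-C", seq, digest(body)))
        relayed = b"altered" if seq == 3 else body   # one modified payload
        tests.append(RelayedTest("CH-D", "CH-C", seq, relayed))
    tests.append(RelayedTest("CH-B", "CH-A", 0, b"test-0"))   # duplicate
    tests.append(RelayedTest("CH-D", "CH-C", 99, b"orphan"))  # TEST without TRACE
    return traces, tests


if __name__ == "__main__":
    for head, row in sorted(correlate(*constructed_round()).items()):
        print(head, row)
```

A cluster head flagged here would be a candidate for the node blacklist that the base station broadcasts in the next round.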
In step S2 of this embodiment, the network master key chain stored at the base station is a hash chain. When broadcasting keys from the network master key chain, the base station takes the backward security of the keys into account: the key of a later round cannot be derived from the key of an earlier round, so a node in the network cannot deduce the next round's key from the current round's key that it holds, which further improves the security of the system. The base station periodically updates the network master key and the node blacklist in every round; if the node blacklist has not changed, it is not broadcast in the next round. In step S4, a node that sends incomplete packets to a cluster head node is defined as a suspected malicious node. When the proportion of incomplete packets among the packets a node sends to the cluster head node exceeds f%, the node is placed on the blacklist, the cluster head node sends the node blacklist information to the base station, and the base station updates the node blacklist information. In this embodiment, f is 5%.
In this embodiment, the network master key chain stored at the base station is:
$K_1, K_2, \ldots, K_{m-1}, K_m$;
where m is the number of network master keys in the chain. The network master key chain satisfies the following relations:
$K_1 = \mathrm{HASH}(K_2)$
$K_2 = \mathrm{HASH}(K_3)$
......
$K_{m-1} = \mathrm{HASH}(K_m)$
When the base station broadcasts security control information to the whole network, it broadcasts network master key $K_1$ in the first round, network master key $K_2$ in the second round, and so on, broadcasting network master key $K_m$ in round m;
In step S2 of this embodiment, the base station needs to encrypt the data it broadcasts to the whole network. In this embodiment, the data $msg_i$ that the base station broadcasts to the whole network in each round is:
where badList is the node blacklist, $K_i$ is the network master key that the base station broadcasts to the whole network in round i, and the remaining term is the random number generated by the base station in round i;
The data that the base station broadcasts to the whole network is encrypted before it is broadcast; the data actually broadcast is:
where the ciphertext is obtained by encrypting the plaintext $msg_i$ that the base station is to send with the RC5 encryption algorithm in CBC mode, and the message authentication code of that ciphertext is generated with MD5. Specifically, the message authentication code is numerically equal to the MD5 value computed over the ciphertext message concatenated with the network master key. The remaining notation indicates that the base station broadcasts to the whole network.
In step S2 of this embodiment, after receiving the network master key broadcast by the base station, every node uses its pre-stored hash function to verify the correctness of the network master key and confirm that the key it received is valid. A node considers the network master key it received to be correct if it satisfies the following equation:
$K_{i-1} = \mathrm{HASH}(K_i)$;
where $K_i$ is the network master key the node received in round i, i.e. from the current round's broadcast, and $K_{i-1}$ is the network master key the node received in round i-1, i.e. from the previous round's broadcast.
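The key chain and the node-side check $K_{i-1} = \mathrm{HASH}(K_i)$ can be exercised as follows. This is an added example, not code from the patent: SHA-256 stands in for the unspecified HASH function, the anchor value $\mathrm{HASH}(K_1)$ preloaded at deployment is an assumption, and the `max_gap` parameter goes beyond the text by letting a node that missed a broadcast re-hash more than once (the default of 1 is the check exactly as described).

```python
import hashlib
import hmac
import os
from typing import List, Optional


def HASH(key: bytes) -> bytes:
    # Assumption: SHA-256 stands in for the HASH function, which the text leaves unspecified.
    return hashlib.sha256(key).digest()


def generate_master_key_chain(m: int, seed: Optional[bytes] = None) -> List[bytes]:
    """Base station side: return [K_1, ..., K_m] with K_{i-1} = HASH(K_i).

    The chain is built backwards from a secret K_m, so K_1 is the most-hashed
    value and holding K_i gives a node no way to compute K_{i+1}.
    """
    if m < 1:
        raise ValueError("chain needs at least one key")
    chain = [seed if seed is not None else os.urandom(32)]  # K_m
    for _ in range(m - 1):
        chain.append(HASH(chain[-1]))
    chain.reverse()  # index 0 now holds K_1
    return chain


class MasterKeyVerifier:
    """Node side: accept K_i only if it hashes back to the last key the node trusts."""

    def __init__(self, anchor: bytes, anchor_round: int = 0, max_gap: int = 1):
        # Assumption: the node is provisioned with anchor = HASH(K_1) as "round 0".
        self.key = anchor
        self.round = anchor_round
        self.max_gap = max_gap  # 1 = strict K_{i-1} == HASH(K_i) check from the text

    def accept(self, k_i: bytes, round_i: int) -> bool:
        gap = round_i - self.round
        if gap < 1 or gap > self.max_gap:
            return False  # old or replayed round, or too many missed broadcasts
        candidate = k_i
        for _ in range(gap):
            candidate = HASH(candidate)
        if not hmac.compare_digest(candidate, self.key):
            return False  # forged key, or the same key replayed under a new round number
        self.key, self.round = k_i, round_i
        return True


if __name__ == "__main__":
    chain = generate_master_key_chain(5, seed=b"constructed-demo-seed")
    node = MasterKeyVerifier(anchor=HASH(chain[0]))
    print(node.accept(chain[0], 1), node.accept(chain[1], 2))  # genuine keys
    print(node.accept(chain[0], 3))                            # stale key replayed
```

The verifier updates its stored key only after a successful check, so a rejected broadcast leaves the node's state unchanged.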
The security control information stored by a node in step S2 of this embodiment includes the node key and the blacklist. After verifying the correctness of the network master key, the node updates its node key from the network master key it received, using the following formula:
where the terms are: the node key of node j before the round-i update, i.e. the node key stored in round i-1; the node key of node j obtained after the round-i update; $K_i$, the network master key broadcast by the base station in round i, i.e. the network master key the node receives in round i; and $id_j$, the identity of node j. The set J is the set of all nodes in the network;
In step S3 of this embodiment, after node x is elected as a cluster head node, it generates the cluster key of the cluster it now heads from the network master key it received and its node identity:
where the result is the cluster key generated by cluster head node x in round i, $K_i$ is the network master key broadcast by the base station in round i, $id_x$ is the identity of cluster head node x, and X is the set of cluster head nodes in the network, with X ∈ J;
In this embodiment, the information that cluster head node x broadcasts to the whole network in round i includes the cluster head information $ADV\_CH_x$ and a random number. The information that cluster head node x broadcasts to the whole network in round i is:
This information is broadcast only after encryption, specifically:
where the counter is the base station counter value shared by all nodes in the network, produced by the base station counter in round i; the ciphertext is obtained by encrypting the plaintext with the RC5 encryption algorithm in CBC mode;
and the message authentication code of that ciphertext is generated with MD5. Specifically, this message authentication code is numerically equal to the MD5 value computed over the ciphertext concatenated with the node key. The remaining notation indicates that cluster head node x broadcasts to the whole network in round i.
In step S3 of this embodiment, when an ordinary node joins a cluster it sends the random number it received in the cluster head broadcast phase. The cluster head node checks whether the random number it broadcast matches the random number sent by the ordinary node; if they match, link authentication is complete.
In step S3 of this embodiment, when a monitoring cluster head node joins the cluster of its monitored cluster head node, it sends the random number it received in the cluster head broadcast phase. The monitored cluster head node checks whether the random number it broadcast matches the random number sent by the monitoring cluster head node; if they match, link authentication is complete.
This link authentication between ordinary nodes and cluster head nodes, and between monitoring and monitored cluster head nodes, further improves the security of data transmission in the method of this embodiment.
In step S3, after the cluster heads are elected in the cluster formation phase, each elected cluster head node generates a cluster key.
In step S4 of this embodiment, after obtaining its time slot in its cluster and before transmitting data, ordinary node y encrypts the data with the RC5 encryption algorithm in CBC mode. The detailed procedure is as follows:
First the data is encrypted with the node key and a message authentication code is attached, giving the packet
where $msg_y$ is the data to be transmitted by ordinary node y, i.e. the plaintext. The node counter value of ordinary node y in round i is the sum of the base station counter value (the base) and the node counter remainder, and serves as the initial vector of the block cipher; the remainder is the node's packet count in the current round. The other terms are the random number generated by ordinary node y in round i; i, the current round number; and the node key of ordinary node y in round i. Y is the set of ordinary nodes in the network, with Y ∈ J and X ∪ Y = J;
The ciphertext is obtained by encrypting, with the RC5 encryption algorithm in CBC mode, the plaintext formed from $msg_y$ and the random number;
The message authentication code of that ciphertext is generated with MD5. Specifically, it is numerically equal to the MD5 value computed over the ciphertext concatenated with the node key, after which the MD5 value is concatenated with the remainder of the node counter value;
The packet is then encrypted a second time, giving the packet
where the key is the cluster key generated by cluster head node x of the cluster that ordinary node y has joined, and the counter is the value shared by all nodes in the network that the base station counter produces in round i;
The message authentication code of this ciphertext is likewise generated with MD5. Specifically, it is numerically equal to the MD5 value computed over the ciphertext concatenated with the node key.
Finally, the re-encrypted packet and the remainder of the node counter are sent to the cluster head node of the ordinary node's cluster, which then forwards them to the base station.
In step S4 of this embodiment, after monitoring cluster head node z obtains a time slot in the cluster of its monitored cluster head node z', it transmits test packets to the monitored cluster head node. Before transmission, each test packet is encrypted with the RC5 encryption algorithm in CBC mode. The detailed procedure is as follows:
First the data is encrypted with the cluster head node's key and a message authentication code is attached, giving the packet
where the terms are: the test packet that monitoring cluster head node z is to send in round i; the random number generated by monitoring cluster head node z in round i; the node counter value of monitoring cluster head node z in round i; and the node key of monitoring cluster head node z in round i;
The ciphertext is obtained by encrypting, with the RC5 encryption algorithm in CBC mode, the plaintext formed from the test packet and the random number;
The message authentication code of that ciphertext is generated with MD5. Specifically, this message authentication code is numerically equal to the MD5 value computed over the ciphertext concatenated with the node key, after which the MD5 value is concatenated with the remainder of the cluster head node's counter value;
The packet is then encrypted a second time, giving:
where the key is the cluster key generated by monitored cluster head node z';
Finally, the monitoring cluster head node transmits the re-encrypted packet to the monitored cluster head node:
In step S4, the tracking packet that the monitoring cluster head node transmits to the base station is encrypted before transmission with the RC5 encryption algorithm in CBC mode. The detailed procedure is as follows: the data is encrypted with the cluster head node's key and a message authentication code is attached, giving the packet
where the terms are: the tracking packet; the random number generated by monitoring cluster head node z in round i; the node counter value of monitoring cluster head node z in round i; and the node key of monitoring cluster head node z in round i;
The ciphertext is obtained by encrypting, with the RC5 encryption algorithm in CBC mode, the plaintext formed from the tracking packet and the random number;
The message authentication code of that ciphertext is generated with MD5. Specifically, this message authentication code is numerically equal to the MD5 value computed over the ciphertext concatenated with the node key, after which the MD5 value is concatenated with the remainder of the node counter value.
In step S4 of this embodiment, when a cluster head node receives a packet sent by a node in its cluster, it verifies the packet and then decrypts it, obtaining the decrypted packet:
where the terms are: the packet that node j sends to the cluster head node in round i; the counter value shared by all nodes in the network that the base station counter produces in round i; $K_{ch-j}$, the cluster key generated by cluster head node x for its cluster in round i; and the packet after decryption by cluster head node x in round i;
The cluster head node then packs together the packet plaintexts received in round i, the identity $id_x$ of cluster head node x, the random number generated by cluster head node x in round i, and the random number generated by the base station in round i, and compresses the result to obtain the packet
This packet is then encrypted with the RC5 encryption algorithm in CBC mode, giving:
where the counter is the node counter value of cluster head node x in round i;
Finally, the encrypted data is sent to the base station.
As described above, in the method of this embodiment the packets that ordinary nodes transmit to cluster head nodes, that monitoring cluster head nodes transmit to monitored cluster head nodes, and that cluster head nodes transmit to the base station are all encrypted and carry a message authentication code. When generating the ciphertext, each node concatenates a random number that it generates, so that the ciphertext can resist known ciphertext-only attacks.
In step S3 of this embodiment, the threshold formula of the cluster head election algorithm run by each node is:
where p is the proportion of cluster head nodes, r is the current round number, and G is the set of nodes that have not yet been elected cluster head as of the current round; $E_{cur}(n)$ is the current remaining energy of node n, $E_{ave}$ is the average remaining energy of all surviving nodes in the current round, $dis_{toBS}(n)$ is the distance between node n and the base station, $dis_{ave2bs}$ is the average distance between all nodes and the base station, and $\lambda_1$, $\lambda_2$ are weight coefficients with $\lambda_1 + \lambda_2 = 1$.
In step S3 of this embodiment, each ordinary node selects the optimal cluster head node to join according to the cluster head priority between itself and each cluster head node. The cluster head priority between an ordinary node and a cluster head node is computed as follows:
where optDeg(y, x) is the cluster head priority between ordinary node y and cluster head node x;
$P_{ch}(y, x)$ is the broadcast signal strength of cluster head node x as received by ordinary node y;
$p_{ch\_ave}(y)$ is the average cluster head broadcast signal strength received by ordinary node y;
$dis_{ch2bs}(x)$ is the distance between cluster head node x and the base station;
$dis_{ave2bs}$ is the average distance between all nodes and the base station;
$E_{ch}(x)$ is the remaining energy of cluster head node x;
$E_{ave}$ is the average remaining energy of the cluster head nodes;
In addition, $\eta_1$, $\eta_2$, $\eta_3$ are weight parameters satisfying $\eta_1 + \eta_2 + \eta_3 = 1$;
Y is the set of ordinary nodes in the network, and X is the set of cluster head nodes in the network;
The ordinary node uses the formula above to compute the cluster head priority between itself and each cluster head node, selects the cluster head node with the largest priority as the optimal cluster head node, and then sends a join request to that optimal cluster head node:
where the message is the request sent by ordinary node y in round i, comprising the round-i join-request information and the random number generated in round i;
The ciphertext is obtained by encrypting the plaintext with the RC5 encryption algorithm in CBC mode;
The message authentication code of that ciphertext is generated with MD5; $SN_y \to CH_m$: indicates that ordinary node y transmits a join request to optimal cluster head node m;
In step S3, each cluster head node chooses an optimal cluster head node as its monitoring cluster head node according to the cluster head priority between itself and the other cluster head nodes. The cluster head priority between a cluster head node and the other cluster head nodes is computed as follows:
where optDeg(x, n'') is the cluster head priority between cluster head node x and another cluster head node n'';
$P_{ch}(x, n'')$ is the broadcast signal strength of the other cluster head node n'' as received by cluster head node x;
$p_{ch\_ave}(x)$ is the average broadcast signal strength of the other cluster head nodes as received by cluster head node x;
$dis_{ch2bs}(n'')$ is the distance between the other cluster head node n'' and the base station;
$dis_{ave2bs}$ is the average distance between all nodes and the base station;
$E_{ch}(n'')$ is the remaining energy of the other cluster head node n'';
$E_{ave}'$ is the average remaining energy of all the other cluster head nodes;
In addition, $\alpha_1$, $\alpha_2$, $\alpha_3$ are weight parameters satisfying $\alpha_1 + \alpha_2 + \alpha_3 = 1$;
Each cluster head node uses the formula above to compute the cluster head priority between itself and the other cluster head nodes, and selects the other cluster head node with the largest priority as its monitoring cluster head node.
Suppose that in the cluster formation phase of some round, nodes A, B, C and D are elected as cluster head nodes. Cluster head node A selects its monitoring cluster head as follows. While broadcasting its own cluster head information, cluster head node A also receives the cluster head broadcasts of cluster head nodes B, C and D. After computing the cluster head priority optDeg for the broadcasts sent by B, C and D, cluster head node A selects the cluster head with the largest optDeg value as its monitoring cluster head, for example cluster head node B. Cluster head node A then sends B a join-request message packet BEG_JOIN, whose purpose is to ask cluster head node B to join the cluster of cluster head node A as a member node of cluster head node A:
where the terms are the random number generated by cluster head node A in round i and the join-request information sent by cluster head node A; $CH_A \to CH_B$ indicates that cluster head node A sends a request to cluster head node B.
The ciphertext is obtained by encrypting the plaintext with the RC5 encryption algorithm in CBC mode;
The message authentication code of that ciphertext is generated with MD5;
After receiving the request packet sent by cluster head node A and authenticating the message, cluster head node B sends a join request to cluster head node A:
where the term is the join-request information sent by cluster head node B, and $CH_B \to CH_A$ indicates that B sends a request to A.
The ciphertext is obtained by encrypting the plaintext with the RC5 encryption algorithm in CBC mode;
The message authentication code of that ciphertext is generated with MD5;
Once cluster head node A has received the join request of cluster head node B and completed the relevant authentication, the correspondence between cluster head node A and its monitoring cluster head node B is established.
As described above, when cluster heads are elected in the cluster formation phase, the method of this embodiment uses the remaining energy of a node and its distance to the base station as the election criteria, so that nodes with more remaining energy that are close to the base station are more likely to be elected cluster head. When the optimal cluster head node is chosen, the remaining energy of the cluster head node, the distance between the cluster head node and the base station, and the distance between the cluster head node and the ordinary node are all taken into account. This effectively reduces the power consumption of the system and selects the most suitable cluster head nodes and optimal cluster head nodes.
In this embodiment, when the wireless sensor network is in the scenario shown in Table 1, the weight parameters of the method are: $\lambda_1$ = 0.8, $\lambda_2$ = 0.2, $\eta_1$ = 0.7, $\eta_2$ = 0.2, $\eta_3$ = 0.1, $\alpha_1$ = 0.7, $\alpha_2$ = 0.2, $\alpha_3$ = 0.1;
Table 1
Parameter | Value |
Simulation area size | 100 m x 100 m |
Number of nodes | 100 |
Base station position | (50, 175) |
Initial node energy | 2 J |
Forced simulation stop time | 3600 s |
Expected proportion of cluster head nodes | 5% |
Cluster head node data size | 25 bytes |
Message packet size | 500 bytes |
Radio circuit transmission consumption | 5e-9 J/bit |
Radio circuit operating consumption | 50e-9 J |
Free-space model amplifier coefficient | 10 pJ/bit/m^4 |
Multipath attenuation model amplifier coefficient | 0.0013 pJ/bit/m^2 |
Data fusion energy consumption | 5e-9 J/bit/signal |
Share of time in the stable phase | 95% |
Figure 2 shows the remaining network energy of the wireless sensor network in the Table 1 scenario. Figure 2 shows the survival state of the nodes of the wireless sensor network in the Table 1 scenario. The "secure-leach" curve is the performance curve of the security-enhanced protocol without the low-power design strategy; it shows that introducing the security mechanisms reduces the system survival time by 19.8%. The "leach-lpsi" curve is the security-enhanced protocol with the low-power design strategy; it shows that although the many security mechanisms of the method increase the overall energy consumption of the network, the low-power design strategy brings considerable improvements in energy saving and exceeds the level of the LEACH protocol. Figure 4 shows, for the Table 1 scenario, the number of TEST packets and TRACE packets of one monitoring cluster head node received by the base station. From the correspondence between the TRACE packets and the TEST packets, the base station determines that this cluster head is suspected of a packet-dropping attack, raises an alert, and then notifies the whole network. The method of this embodiment therefore has, in addition to its security defence capability, some ability to detect tampering attacks and packet-dropping attacks launched by malicious cluster head nodes.
The improved routing method of this embodiment, based on the LEACH protocol, integrates a series of lightweight security mechanisms and has a degree of security defence and attack detection capability. The method defends effectively against external attacks: an external attacker has no legitimate identity information and no key parameters of the network, and therefore cannot compromise the confidentiality of the network. The method also provides effective defence against, and detection of, replay attacks, tampering attacks, packet-dropping attacks, known ciphertext-only attacks and similar attacks launched by internal attackers. The low-power design strategy reduces network energy consumption and extends network survival time, essentially reaching the energy consumption level of the LEACH protocol.
The embodiment above is a preferred embodiment of the invention, but embodiments of the invention are not limited by it. Any other change, modification, substitution, combination or simplification made without departing from the spirit and principle of the invention is an equivalent replacement and falls within the scope of protection of the invention.
Claims (10)
1. A wireless sensor network routing method based on the LEACH protocol, characterised by the following steps:
S1. All nodes in the network are initialised and deployed;
S2. Authentication broadcast phase: the base station broadcasts data containing security control information to the whole network and periodically updates the security control information, which includes a random number; after receiving the security control information broadcast by the base station, each node verifies its correctness and, once it is verified, updates the security control information it currently stores; when the authentication broadcast phase ends, the method proceeds to step S3;
S3. Cluster formation phase: all nodes run the cluster head election algorithm; after the election, each elected cluster head node broadcasts a message to the whole network; every ordinary node, having received the broadcasts of several cluster head nodes, selects the optimal cluster head node and joins its cluster; at the same time, each cluster head node uses the cluster head broadcasts it has received to choose an optimal cluster head node as its monitoring cluster head node, and sends it a join-request message so that the monitoring cluster head node joins the cluster of the monitored cluster head node;
S4. Stable data transmission phase: every ordinary node transmits data after obtaining its time slot in its cluster, sending the data to the cluster head of that cluster; at the same time, once a monitoring cluster head node has obtained a time slot in the cluster of its monitored cluster head node, it transmits test packets to the monitored cluster head node and transmits tracking packets to the base station; a cluster head node verifies the data it receives from within its cluster and checks its integrity; after collecting all valid data, it packs the data together with the random number it received in the authentication broadcast phase and sends the result to the base station; the base station compares the random number it broadcast with the random number sent by the cluster head node to check that they match, and if they match, the link between the cluster head node and the base station is authenticated.
2. The wireless sensor network routing method based on the LEACH protocol according to claim 1, characterised in that the initial deployment in step S1 includes generating the base station key chain, distributing the node identifiers across the network, and storing the symmetric-key security algorithm.
3. The wireless sensor network routing method based on the LEACH protocol according to claim 1, characterised in that the security control information that the base station broadcasts to the whole network in step S2 includes the network master key and the node blacklist; the network master key that the base station broadcasts to the whole network is taken from the network master key chain stored at the base station, and that network master key chain is a hash chain; the base station periodically updates the network master key and the node blacklist in every round, and if the node blacklist has not changed, it is not broadcast in the next round;
In step S4, a node that sends incomplete packets to a cluster head node is defined as a suspected malicious node; when the proportion of incomplete packets among the packets a node sends to the cluster head node exceeds f%, the node is placed on the blacklist, the cluster head node sends the node blacklist information to the base station, and the base station updates the node blacklist information.
4. The wireless sensor network routing method based on the LEACH protocol according to claim 3, characterized in that the network master key chain stored at the base station is:
$K_1, K_2, \ldots, K_{m-1}, K_m$;
where m is the number of network master keys in the network master key chain; the network master key chain satisfies the following relations:
$K_1 = \mathrm{HASH}(K_2)$
$K_2 = \mathrm{HASH}(K_3)$
......
$K_{m-1} = \mathrm{HASH}(K_m)$
When the base station broadcasts security control information to the whole network, it broadcasts network master key $K_1$ in the first round, $K_2$ in the second round, and so on, broadcasting $K_m$ in round m;
In this step, the base station needs to encrypt the data it broadcasts to the whole network; in this embodiment, the data $msg_i$ that the base station broadcasts to the whole network in each round is:
Wherein badList is node blacklist, KiThe network master key broadcasted to the whole network for the i-th wheel base station,For base station
The random number that i wheel generates;
The data that base station is broadcasted to the whole network is broadcasted after encryption, and the data of concrete broadcast is:
WhereinIt is the msg to be sent to base station using the RC5 AES under CBC patterniIn plain text
The encryption of information row obtains cipher-text information;WhereinFor generating based on MD5'sThe message authentication code of cipher-text information, specifically, this message authentication code is numerically equal to ciphertext and disappears
Calculated MD5 value after breath and network master key splicing;Represent that base station is broadcasted to the whole network;
In step S2, after obtaining the network master key broadcast by the base station, every node uses its pre-stored hash function to verify the correctness of the network master key and confirm that the received key is valid; a node considers the network master key it obtained to be correct if it satisfies:
$K_{i-1} = \mathrm{HASH}(K_i)$;
where $K_i$ is the network master key the node obtained from the broadcast in round i (the current round), and $K_{i-1}$ is the network master key the node obtained from the broadcast in round i-1 (the previous round).
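An added example (not part of the patent text) of the claim 4 checks as a node would run them: the hash-chain test $K_{i-1} = \mathrm{HASH}(K_i)$ followed by the MD5-based message authentication code over the ciphertext. Assumptions: HASH is SHA-256 because the claim does not name it, the node holds an authentic $K_1$ from deployment, RC5-CBC decryption is omitted so the ciphertext is an opaque constructed byte string, and the `max_skip` catch-up for missed rounds generalizes the single-step check in the claim.

```python
from __future__ import annotations

import hashlib
import hmac


def chain_hash(key: bytes) -> bytes:
    # HASH is unspecified in the claim; SHA-256 is an assumption of this example.
    return hashlib.sha256(key).digest()


def generate_key_chain(seed: bytes, m: int) -> list[bytes]:
    """Base station side: return [K_1, ..., K_m] with K_{i-1} = HASH(K_i)."""
    if m < 1:
        raise ValueError("chain needs at least one key")
    chain = [seed]                      # the seed becomes K_m
    for _ in range(m - 1):
        chain.append(chain_hash(chain[-1]))
    chain.reverse()                     # index 0 is K_1, broadcast in round 1
    return chain


def broadcast_mac(ciphertext: bytes, master_key: bytes) -> bytes:
    # As described in claim 4: MD5 over the ciphertext spliced with the master key.
    return hashlib.md5(ciphertext + master_key).digest()


class Node:
    """Node-side state: the last master key accepted and the round it belongs to."""

    def __init__(self, anchor_key: bytes, anchor_round: int, max_skip: int = 8):
        self.last_key = anchor_key
        self.last_round = anchor_round
        self.max_skip = max_skip        # hypothetical bound on missed rounds

    def accept_broadcast(self, round_no: int, key: bytes,
                         ciphertext: bytes, mac: bytes) -> bool:
        gap = round_no - self.last_round
        if gap < 1 or gap > self.max_skip:
            return False                # replayed, stale, or implausibly far ahead
        candidate = key
        for _ in range(gap):            # gap == 1 is exactly the claim's check
            candidate = chain_hash(candidate)
        if not hmac.compare_digest(candidate, self.last_key):
            return False                # key is not on the base station's chain
        if not hmac.compare_digest(broadcast_mac(ciphertext, key), mac):
            return False                # ciphertext altered in transit
        self.last_key, self.last_round = key, round_no
        return True


def demo() -> dict[str, bool]:
    chain = generate_key_chain(b"constructed-seed-for-demo", 5)
    ct = b"constructed ciphertext bytes"          # stands in for the RC5-CBC output
    node = Node(anchor_key=chain[0], anchor_round=1)
    results = {}
    results["round2"] = node.accept_broadcast(2, chain[1], ct, broadcast_mac(ct, chain[1]))
    results["replay_round2"] = node.accept_broadcast(2, chain[1], ct, broadcast_mac(ct, chain[1]))
    # Round 3 was missed; round 4 is verified by hashing twice back to K_2.
    results["round4_after_miss"] = node.accept_broadcast(4, chain[3], ct, broadcast_mac(ct, chain[3]))
    forged = b"\x00" * 32
    results["forged_key"] = node.accept_broadcast(5, forged, ct, broadcast_mac(ct, forged))
    results["tampered_ct"] = node.accept_broadcast(5, chain[4], ct + b"x", broadcast_mac(ct, chain[4]))
    results["round5"] = node.accept_broadcast(5, chain[4], ct, broadcast_mac(ct, chain[4]))
    return results


if __name__ == "__main__":
    for name, accepted in demo().items():
        print(f"{name}: {'accepted' if accepted else 'rejected'}")
```

The MAC is reproduced as the claim describes it (MD5 over ciphertext spliced with the key); HMAC is the standard keyed-MAC construction where a design is free to choose one.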
5. The wireless sensor network routing method based on the LEACH protocol according to claim 1, characterized in that the security control information stored by a node in step S2 includes the node key and the blacklist; after verifying the correctness of the network master key, the node updates its node key from the network master key it received, by the following formula:
WhereinNode key before updating for node j i-th wheel, i.e. the node key of the i-th -1 wheel storage, whereinFor section
The node key that point j obtains after the i-th wheel updates, KiFor the network master key of base station broadcast i-th wheel broadcast, that is, node is i-th
Wheel gets network master key, idjIdentity marks for node j;Wherein J is the set of all nodes in network;
In step S3, after node x is elected as a cluster head node, it generates the cluster key of the cluster it currently heads from the network master key it received and its node identity:
WhereinThe cluster key generating for leader cluster node x i-th wheel, KiThe network master key broadcasted for base station broadcast i-th wheel,
idxFor the identity marks of leader cluster node x, X is leader cluster node set, wherein X ∈ J in network;
In this step, leader cluster node x i-th takes turns and includes cluster head information ADV_CH to the information of the whole network broadcastxAnd random number
Wherein leader cluster node x i-th takes turns and to the information of the whole network broadcast is:
Above- mentioned information is only broadcasted, specially for after encryption:
WhereinThe base station counter value of the whole network nodes sharing producing for the i-th wheel base station counter;
It is using the RC5 AES pair under CBC patternCleartext information is encrypted and obtains cipher-text information;For generating based on MD5'sThe disappearing of cipher-text information
Breath authentication code, specifically, this Message Authentication Code is numerically equal to cipher-text informationWith node key
Calculated MD5 value after splicing;Represent that leader cluster node x i-th takes turns to the whole network broadcast;
When joining a cluster, an ordinary node sends back the random number it received during the cluster head broadcast phase; the cluster head node checks whether the random number it broadcast matches the random number sent by the ordinary node, and if they match, link authentication is complete;
In step S3, when a monitoring cluster head node joins the cluster of its monitored cluster head node, it sends the random number it received during the cluster head broadcast phase; the monitored cluster head node checks whether the random number it broadcast matches the one sent by the monitoring cluster head node, and if they match, link authentication is complete;
In step S3, after cluster head election in the clustering phase, each elected cluster head node generates a cluster key.
6. The wireless sensor network routing method based on the LEACH protocol according to claim 5, characterized in that in step S4, before transmitting data after obtaining its time slot in its cluster, ordinary node y encrypts the data using the RC5 encryption algorithm in CBC mode, as follows:
The data is first encrypted with the node key and a message authentication code is attached, giving the data packet
Wherein msgyFor ordinary node y data to be transmitted, i.e. cleartext information;For ordinary node y in the i-th node counts taken turns
Device value, is the remainder sum of base station counter value radix and node counter, as the initial vector of block encryption, wherein remainder is
Node works as front-wheel data packet count value;The random number that ordinary node y generates in the i-th wheel;I is when front-wheel number,For common
Node y is in the node key of the i-th wheel;Wherein Y is ordinary node set, wherein Y ∈ J in network;X ∪ Y=
J;
WhereinIt is to msg using the RC5 AES under CBC patternyAnd random numberThe cleartext information of composition is encrypted and obtains cipher-text information;
WhereinFor the cipher-text information based on MD5 generatingMessage authentication code, specifically, this message authentication code is numerically equal to cipher-text informationCalculated MD5 value after splicing with node key, then by MD5 value and node counts
The remainder of device value is spliced;
Then it is directed to packetEncrypted again, obtained packet
WhereinThe cluster key generating by the leader cluster node x of the entered cluster of ordinary node y,Take turns for base station counter i-th and produce
The Counter Value of raw the whole network nodes sharing;
WhereinFor the cipher-text information based on MD5 generatingMessage authentication code, specifically, this message authentication code is numerically equal to cipher-text informationWith calculated MD5 value after node key splicing;
Finally by the above-mentioned packet encrypted again and obtainAnd the remainder of node counter sends ordinary node to and is located
The leader cluster node of cluster, is then forwarded to base station by leader cluster node.
7. The wireless sensor network routing method based on the LEACH protocol according to claim 5, characterized in that
in step S4, after monitoring cluster head node z obtains the time slot of the cluster of its monitored cluster head node z', it sends a test data packet to the monitored cluster head node; before transmission the test data packet is encrypted with the RC5 encryption algorithm in CBC mode, as follows:
The data is first encrypted with the cluster head node key and a message authentication code is attached, giving the data packet
It is whereinTake turns test data bag to be sent for monitoring leader cluster node z i-th,For monitoring leader cluster node z
The random number that i-th wheel generates,Node counter value for monitoring leader cluster node z i-th wheel;For monitoring leader cluster node z
The node key of the i-th wheel;
It is using the RC5 AES pair under CBC patternWith random
NumberThe cleartext information of composition is encrypted and obtains cipher-text information;
WhereinFor the cipher-text information based on MD5 generatingMessage authentication code;Specifically, this Message Authentication Code is numerically equal to cipher-text informationCalculated MD5 value after splicing with node key, then by MD5 value and leader cluster node enumerator
The remainder of value is spliced;
Then it is directed to packetEncrypted again, obtained:
WhereinThe cluster key generating for monitored leader cluster node z ';
Finally the above-mentioned packet obtaining of encrypting again is transferred to monitored leader cluster node by monitoring leader cluster node:
In step S4, the tracking data packet that the monitoring cluster head node sends to the base station is encrypted before transmission with the RC5 encryption algorithm in CBC mode, as follows: the data is encrypted with its cluster head node key and a message authentication code is attached, giving the data packet
It is whereinFor following the trail of packet,The random number generating for monitoring leader cluster node z i-th wheel,
Node counter value for monitoring leader cluster node z i-th wheel;Node key for monitoring leader cluster node z i-th wheel;
WhereinIt is to tracking data using the RC5 AES under CBC pattern
BagAnd random numberThe cleartext information of composition is encrypted and obtains cipher-text information;
WhereinFor the cipher-text information based on MD5 generatingMessage authentication code, specifically, this message authentication code is numerically equal to close
Civilian informationCalculated MD5 value after splicing with node key, then by MD5
The remainder of value and node counter value is spliced.
8. The wireless sensor network routing method based on the LEACH protocol according to claim 6, characterized in that in step S4 the cluster head node verifies each data packet it receives from a node in its cluster and then decrypts it, obtaining the decrypted data packet:
WhereinIt is sent to the packet of leader cluster node for node j i-th wheel,Produce for base station counter i-th wheel
The Counter Value of the whole network nodes sharing;Kch-jThe cluster key generating in the i-th wheel place cluster for leader cluster node x;Cluster head section
Packet after the i-th wheel deciphering for the point x;
Then the packet plaintext that the i-th wheel is received by leader cluster nodeIdentity marks information id of leader cluster node xx, cluster
The random number that head node x generates in the i-th wheelAnd base station generates random number in the i-th wheelIt is compressed after packing locating
Reason obtains packet
Furthermore by packetObtained using the RC5 AES encryption under CBC pattern:
WhereinNode counter value for leader cluster node x i-th wheel;
Finally, the encrypted data is sent to the base station.
9. The wireless sensor network routing method based on the LEACH protocol according to claim 1, characterized in that in step S3 the threshold function of the cluster head election algorithm run by each node is:
where p is the proportion of cluster head nodes, r is the current round number, and G is the set of nodes that have not yet been elected cluster head nodes in the current round; $E_{cur}(n)$ is the current remaining energy of node n, $E_{ave}$ is the average remaining energy of all surviving nodes in the current round, $dis_{toBS}(n)$ is the distance between node n and the base station, $dis_{ave2bs}$ is the average distance between all nodes and the base station, and $\lambda_1$, $\lambda_2$ are weight coefficients with $\lambda_1 + \lambda_2 = 1$.
10. The wireless sensor network routing method based on the LEACH protocol according to claim 1, characterized in that in step S3 each ordinary node selects the optimal cluster head node to join according to the cluster head priority between itself and each cluster head node, where the cluster head priority between an ordinary node and a cluster head node is computed as follows:
where $P_{ch}(y, x)$ is the broadcast signal strength of cluster head node x as received by ordinary node y;
$p_{ch\_ave}(y)$ is the average cluster head broadcast signal strength received by ordinary node y;
$dis_{ch2bs}(x)$ is the distance between cluster head node x and the base station;
$dis_{ave2bs}$ is the average distance between all nodes and the base station;
$E_{ch}(x)$ is the remaining energy of cluster head node x;
$E_{ave}$ is the average remaining energy of the cluster head nodes;
in addition, $\eta_1$, $\eta_2$, $\eta_3$ are weight parameters satisfying $\eta_1 + \eta_2 + \eta_3 = 1$;
Y is the set of ordinary nodes in the network, and X is the set of cluster head nodes in the network;
The cluster head priority between the ordinary node and each cluster head node is calculated by the above formula; the cluster head node with the highest cluster head priority is selected as the optimal cluster head node, and a cluster-join request is then sent to the optimal cluster head node:
WhereinThe solicited message sending for ordinary node y i-th wheel, including the request into clusters information of the i-th wheelThe random number generating with the i-th wheelKiThe network master key broadcasted in the i-th wheel for base station,
The Counter Value of the whole network nodes sharing producing for base station counter i-th wheel;
WhereinIt is using the RC5 AES pair under CBC patternCleartext information carry out
Encryption obtains cipher-text information;
WhereinThe cipher-text information based on MD5 generatingMessage authentication code;SNy→CHm:Represent that ordinary node y transmits into cluster to optimum leader cluster node m
Request;
In step S3, each cluster head node selects the optimal cluster head node as its monitoring cluster head node according to the cluster head priority between itself and the other cluster head nodes, where the cluster head priority between a cluster head node and another cluster head node is computed as follows:
where $P_{ch}(x, n'')$ is the broadcast signal strength of another cluster head node n'' as received by cluster head node x;
$p_{ch\_ave}(x)$ is the average broadcast signal strength of the other cluster head nodes as received by cluster head node x;
$dis_{ch2bs}(n'')$ is the distance between the other cluster head node n'' and the base station;
$dis_{ave2bs}$ is the average distance between all nodes and the base station;
$E_{ch}(n'')$ is the remaining energy of the other cluster head node n'';
$E_{ave}'$ is the average remaining energy of all the other cluster head nodes;
in addition, $\alpha_1$, $\alpha_2$, $\alpha_3$ are weight parameters satisfying $\alpha_1 + \alpha_2 + \alpha_3 = 1$;
The cluster head priority between each cluster head node and the other cluster head nodes is calculated by the above formula, and the other cluster head node with the highest cluster head priority is then selected as the monitoring cluster head node.
Applications Claiming Priority (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201610513990 | 2016-06-30 | ||
CN2016105139908 | 2016-06-30 |
Publications (2)
Publication Number | Publication Date |
---|---|
CN106454815A true CN106454815A (en) | 2017-02-22 |
CN106454815B CN106454815B (en) | 2019-10-18 |
Family
ID=58219715
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201611060412.XA Active CN106454815B (en) | 2016-06-30 | 2016-11-28 | A kind of wireless sensor network routing method based on LEACH agreement |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN106454815B (en) |
Citations (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN102196420A (en) * | 2011-06-02 | 2011-09-21 | 河海大学常州校区 | Secure clustering routing management method for wireless sensor network |
CN103619016A (en) * | 2013-11-21 | 2014-03-05 | 太原科技大学 | Self-adaptive grid safe routing method in wireless sensor network |
CN103916942A (en) * | 2014-04-04 | 2014-07-09 | 安徽工程大学 | LEACH protocol improvement method capable of lowering energy consumption |
CN104320796A (en) * | 2014-10-28 | 2015-01-28 | 河海大学常州校区 | Wireless sensor network data transmission method based on LEACH protocol |
Non-Patent Citations (3)
Title |
---|
倪文亚: "无线传感器网络Leach路由协议的研究与改进", 《中国优秀硕士学位论文全文数据库信息科技辑》 * |
李芳芳: "一种基于LEACH协议的无线传感器网络路由算法", 《传感技术学报》 * |
邹莉莉: "一种基于LEACH的无线传感器网络分簇路由协议的分析与改进", 《中国优秀硕士学位论文全文数据库信息科技辑》 * |
Cited By (16)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN106850826A (en) * | 2017-02-23 | 2017-06-13 | 上海喆之信息科技有限公司 | Long-distance management system outside a kind of medical institute |
CN107317858A (en) * | 2017-06-24 | 2017-11-03 | 梧州市兴能农业科技有限公司 | A kind of health and fitness information data monitoring system |
CN108307324A (en) * | 2018-01-22 | 2018-07-20 | 深圳优特利通信技术有限公司 | A kind of broadcast message safe transmission method and device |
CN109302424A (en) * | 2018-11-27 | 2019-02-01 | 中国人民解放军战略支援部队信息工程大学 | Sensor network cluster head monitors that node secret selects agreement |
CN109672750A (en) * | 2019-01-15 | 2019-04-23 | 特斯联(北京)科技有限公司 | A kind of security protection data aggregate management system and its management method based on Edge fabrics |
CN109672750B (en) * | 2019-01-15 | 2020-02-14 | 特斯联(北京)科技有限公司 | Security data aggregation management system based on edge architecture and management method thereof |
CN109951872A (en) * | 2019-02-28 | 2019-06-28 | 电子科技大学 | A kind of hybrid MAC protocols optimum design method based on wireless light communication |
CN111537022A (en) * | 2020-04-29 | 2020-08-14 | 江西天境精藏科技有限公司 | Punch forming production workshop safety monitoring system based on artificial intelligence |
CN112269803A (en) * | 2020-10-21 | 2021-01-26 | 中国商用飞机有限责任公司北京民用飞机技术研究中心 | Data set filling method and system |
CN112269803B (en) * | 2020-10-21 | 2024-04-30 | 中国商用飞机有限责任公司北京民用飞机技术研究中心 | Data set filling method and system |
CN112383884A (en) * | 2020-11-25 | 2021-02-19 | 海南大学 | A secure MAC protocol initiated by a receiver |
CN113179544A (en) * | 2021-04-26 | 2021-07-27 | 国网四川省电力公司经济技术研究院 | Wireless sensing clustering routing cluster head selection method applied to power Internet of things |
CN113423072A (en) * | 2021-08-24 | 2021-09-21 | 北京通建泰利特智能系统工程技术有限公司 | Network transmission method and system with high safety and readable storage medium |
CN114222343A (en) * | 2021-12-03 | 2022-03-22 | 国网江苏省电力有限公司电力科学研究院 | Underground pipe gallery wireless sensor network routing method and system |
CN116358759A (en) * | 2023-05-25 | 2023-06-30 | 曲阜恒威水工机械有限公司 | Chain tensioning detecting system based on digital twin technology |
CN116358759B (en) * | 2023-05-25 | 2023-09-29 | 曲阜恒威水工机械有限公司 | Chain tensioning detecting system based on digital twin technology |
Also Published As
Publication number | Publication date |
---|---|
CN106454815B (en) | 2019-10-18 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN106454815A (en) | Routing method for wireless sensor network based on LEACH protocol | |
CN100471141C (en) | Mixed intrusion detection method of wireless sensor network | |
Wazid et al. | A secure group-based blackhole node detection scheme for hierarchical wireless sensor networks | |
Gerhards-Padilla et al. | Detecting black hole attacks in tactical MANETs using topology graphs | |
Qazi et al. | Securing DSR against wormhole attacks in multirate ad hoc networks | |
Wazid et al. | RAD‐EI: A routing attack detection scheme for edge‐based Internet of Things environment | |
Burgner et al. | Security of wireless sensor networks | |
Wang et al. | Defending against collaborative packet drop attacks on MANETs | |
Mishra et al. | Security against black hole attack in wireless sensor network-a review | |
CN103841553B (en) | A kind of hybrid wireless Mesh network routing safety and the method for secret protection | |
Thiyagarajan et al. | An enhancement of EAACK using P2P ACK and RSA public key cryptography | |
CN102035726A (en) | Wormhole attack defense method based on multipath routing and trust mechanism in Ad hoc network | |
Cucurull et al. | Anomaly detection and mitigation for disaster area networks | |
Ramachandran et al. | A low-latency and high-throughput multipath technique to overcome black hole attack in Mobile Ad hoc network (MTBD) | |
Kolade et al. | Performance analysis of black hole attack in MANET | |
Louazani et al. | A time Petri net model for wormhole attack detection in wireless sensor networks | |
Periyanayagi et al. | Swarm-based defense technique for tampering and cheating attack in WSN using CPHS | |
Raj et al. | Sink Hole Attack Detection using Two Step Verification Technique in Wireless Sensor Networks | |
Fang et al. | An Energy-efficient Secure AODV Protocol in Industrial Sensor Network | |
CN106604274A (en) | Safety communication method based on information theory and cryptography in wireless sensor network | |
Malavenda et al. | A regulation-based security evaluation method for data link in wireless sensor network | |
Khan et al. | Exploring Manet Security Aspects: Analysis of Attacks and Node Misbehaviour Issues | |
CN107809760A (en) | A kind of method of message authentication in wireless sensor network | |
Soleimani et al. | Detecting black hole attack in wireless ad hoc networks based on learning automata | |
Srilakshmi et al. | Prevention of attacks in mobile ad hoc network using African buffalo monitoring zone protocol |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
C06 | Publication | ||
PB01 | Publication | ||
C10 | Entry into substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||
GR01 | Patent grant |